2015-12-30 09:52:24 +00:00
|
|
|
(* Copyright (C) 2015, Thomas Leonard <thomas.leonard@unikernel.com>
|
|
|
|
See the README file for details. *)
|
|
|
|
|
|
|
|
open Lwt
|
|
|
|
open Qubes
|
|
|
|
|
|
|
|
let src = Logs.Src.create "unikernel" ~doc:"Main unikernel code"
|
|
|
|
module Log = (val Logs.src_log src : Logs.LOG)
|
|
|
|
|
2022-03-30 07:12:01 +00:00
|
|
|
module Main (R : Mirage_random.S)(Clock : Mirage_clock.MCLOCK)(Time : Mirage_time.S) = struct
|
2023-07-05 09:56:19 +00:00
|
|
|
module Dispatcher = Dispatcher.Make(R)(Clock)(Time)
|
2022-03-30 07:12:01 +00:00
|
|
|
module Dns_transport = My_dns.Transport(R)(Clock)(Time)
|
2020-04-29 14:06:48 +00:00
|
|
|
module Dns_client = Dns_client.Make(Dns_transport)
|
2020-04-29 13:58:01 +00:00
|
|
|
|
2015-12-30 13:59:13 +00:00
|
|
|
(* Set up networking and listen for incoming packets. *)
|
2023-07-05 09:56:19 +00:00
|
|
|
let network dns_client dns_responses dns_servers qubesDB router =
|
2015-12-30 13:59:13 +00:00
|
|
|
(* Report success *)
|
|
|
|
Dao.set_iptables_error qubesDB "" >>= fun () ->
|
|
|
|
(* Handle packets from both networks *)
|
2023-07-05 09:56:19 +00:00
|
|
|
Lwt.choose [
|
|
|
|
Dispatcher.wait_clients Clock.elapsed_ns dns_client dns_servers qubesDB router ;
|
|
|
|
Dispatcher.uplink_wait_update qubesDB router ;
|
|
|
|
Dispatcher.uplink_listen Clock.elapsed_ns dns_responses router
|
|
|
|
]
|
2015-12-30 13:59:13 +00:00
|
|
|
|
|
|
|
(* Main unikernel entry point (called from auto-generated main.ml). *)
|
2022-03-30 07:12:01 +00:00
|
|
|
let start _random _clock _time =
|
2020-01-11 14:36:02 +00:00
|
|
|
let start_time = Clock.elapsed_ns () in
|
2022-09-02 12:27:43 +00:00
|
|
|
(* Start qrexec agent and QubesDB agent in parallel *)
|
2015-12-30 09:52:24 +00:00
|
|
|
let qrexec = RExec.connect ~domid:0 () in
|
|
|
|
let qubesDB = DB.connect ~domid:0 () in
|
2020-04-29 13:58:01 +00:00
|
|
|
|
2015-12-30 09:52:24 +00:00
|
|
|
(* Wait for clients to connect *)
|
|
|
|
qrexec >>= fun qrexec ->
|
|
|
|
let agent_listener = RExec.listen qrexec Command.handler in
|
|
|
|
qubesDB >>= fun qubesDB ->
|
2020-04-29 13:58:01 +00:00
|
|
|
let startup_time =
|
2017-03-02 14:52:55 +00:00
|
|
|
let (-) = Int64.sub in
|
2020-01-11 14:36:02 +00:00
|
|
|
let time_in_ns = Clock.elapsed_ns () - start_time in
|
2017-03-02 14:52:55 +00:00
|
|
|
Int64.to_float time_in_ns /. 1e9
|
|
|
|
in
|
2019-01-10 12:39:39 +00:00
|
|
|
Log.info (fun f -> f "QubesDB and qrexec agents connected in %.3f s" startup_time);
|
2015-12-30 09:52:24 +00:00
|
|
|
(* Watch for shutdown requests from Qubes *)
|
2016-01-08 11:31:27 +00:00
|
|
|
let shutdown_rq =
|
2022-03-30 07:12:01 +00:00
|
|
|
Xen_os.Lifecycle.await_shutdown_request () >>= fun (`Poweroff | `Reboot) ->
|
2020-01-11 14:39:20 +00:00
|
|
|
Lwt.return_unit in
|
2015-12-30 09:52:24 +00:00
|
|
|
(* Set up networking *)
|
2017-03-15 08:56:24 +00:00
|
|
|
let max_entries = Key_gen.nat_table_size () in
|
2022-10-07 16:49:03 +00:00
|
|
|
let nat = My_nat.create ~max_entries in
|
2020-04-29 13:58:01 +00:00
|
|
|
|
2023-07-05 09:56:19 +00:00
|
|
|
let netvm_ip = Ipaddr.V4.of_string_exn (Key_gen.ipv4_gw ()) in
|
|
|
|
let our_ip = Ipaddr.V4.of_string_exn (Key_gen.ipv4 ()) in
|
|
|
|
let dns = Ipaddr.V4.of_string_exn (Key_gen.ipv4_dns ()) in
|
|
|
|
let dns2 = Ipaddr.V4.of_string_exn (Key_gen.ipv4_dns2 ()) in
|
|
|
|
|
2023-07-01 08:46:55 +00:00
|
|
|
let zero_ip = (Ipaddr.V4.make 0 0 0 0) in
|
2023-07-05 09:56:19 +00:00
|
|
|
|
|
|
|
let network_config =
|
|
|
|
if (netvm_ip = zero_ip && our_ip = zero_ip) then (* Read network configuration from QubesDB *)
|
|
|
|
Dao.read_network_config qubesDB >>= fun config ->
|
|
|
|
if config.netvm_ip = zero_ip || config.our_ip = zero_ip then
|
|
|
|
Log.info (fun f -> f "We currently have no netvm nor command line for setting it up, aborting...");
|
|
|
|
assert (config.netvm_ip <> zero_ip && config.our_ip <> zero_ip);
|
|
|
|
Lwt.return config
|
|
|
|
else begin
|
|
|
|
let config:Dao.network_config = {from_cmdline=true; netvm_ip; our_ip; dns; dns2} in
|
|
|
|
Lwt.return config
|
|
|
|
end
|
2023-06-30 14:58:08 +00:00
|
|
|
in
|
2023-07-05 09:56:19 +00:00
|
|
|
network_config >>= fun config ->
|
2023-06-30 14:58:08 +00:00
|
|
|
|
2023-07-01 08:46:55 +00:00
|
|
|
(* We now must have a valid netvm IP address and our IP address or crash *)
|
2023-06-30 14:58:08 +00:00
|
|
|
Dao.print_network_config config ;
|
|
|
|
|
2023-06-30 15:57:08 +00:00
|
|
|
(* Set up client-side networking *)
|
|
|
|
Client_eth.create config >>= fun clients ->
|
|
|
|
|
2020-04-29 13:58:01 +00:00
|
|
|
(* Set up routing between networks and hosts *)
|
2023-07-05 09:56:19 +00:00
|
|
|
let router = Dispatcher.create
|
2023-06-30 13:33:41 +00:00
|
|
|
~config
|
2023-06-30 11:59:03 +00:00
|
|
|
~clients
|
2020-04-29 13:58:01 +00:00
|
|
|
~nat
|
2023-07-05 09:56:19 +00:00
|
|
|
?uplink:None
|
2020-04-29 13:58:01 +00:00
|
|
|
in
|
|
|
|
|
2023-07-05 09:56:19 +00:00
|
|
|
let send_dns_query = Dispatcher.send_dns_client_query None in
|
2020-04-29 14:06:48 +00:00
|
|
|
let dns_mvar = Lwt_mvar.create_empty () in
|
2022-09-07 14:53:45 +00:00
|
|
|
let nameservers = `Udp, [ config.Dao.dns, 53 ; config.Dao.dns2, 53 ] in
|
2021-11-05 18:53:39 +00:00
|
|
|
let dns_client = Dns_client.create ~nameservers (router, send_dns_query, dns_mvar) in
|
2020-04-29 14:06:48 +00:00
|
|
|
|
2022-09-07 14:53:45 +00:00
|
|
|
let dns_servers = [ config.Dao.dns ; config.Dao.dns2 ] in
|
2023-07-05 09:56:19 +00:00
|
|
|
let net_listener = network (Dns_client.getaddrinfo dns_client Dns.Rr_map.A) dns_mvar dns_servers qubesDB router in
|
2020-04-29 13:58:01 +00:00
|
|
|
|
2016-01-02 15:59:59 +00:00
|
|
|
(* Report memory usage to XenStore *)
|
|
|
|
Memory_pressure.init ();
|
2015-12-30 09:52:24 +00:00
|
|
|
(* Run until something fails or we get a shutdown request. *)
|
2015-12-30 13:59:13 +00:00
|
|
|
Lwt.choose [agent_listener; net_listener; shutdown_rq] >>= fun () ->
|
2015-12-30 09:52:24 +00:00
|
|
|
(* Give the console daemon time to show any final log messages. *)
|
2022-03-30 07:12:01 +00:00
|
|
|
Time.sleep_ns (1.0 *. 1e9 |> Int64.of_float)
|
2015-12-30 09:52:24 +00:00
|
|
|
end
|